Your PFSense Hardware


Recommended Posts

Ive gone through 4 bad HDD's in my pfsense box and Ive been fed up with it long enough. I bought a nice 24U Rack Cabinet last summer and I wanted to build a rack mounted pfsense box. Obviously using SSD's is bad because pfsense is writing all of the time, so I'm definitely not installing an SSD in my new box. Im thinking of building a 1u rack mount with a PCI Express slot and having a removable 2.5 inch drive on the front so anytime a hard drive dies, i can replace it easily. 

 

But, I'm posting this topic to see what you fine neowin people running pfsense have for hardware.

 

Thanks

Sikh

Link to comment
Share on other sites

I have it running in a VM on my HP Microserver N54L

 

Its just sitting on a mechanical drive and plays well :)

Link to comment
Share on other sites

Got my pfSense setup running on an older Watchguard Intel box.

The install site on a small Compact Flash card. think it might only be a 512mb one.

post-65025-0-09093300-1427383043.jpg

Link to comment
Share on other sites

This topic reminds me, I need to update my signature.

I run pfSense on a Asrock C2750D4I with a dual intel NIC add-in PCI-Express card.

Ever since pfSense 2.1beta (2012/2013) , I run an SSD in AHCI mode with TRIM for boot up containing "/" and separate "/usr" and "/var" with softupdates enabled.

For Squid I run a HDD mounted separately in "/cache".

No issues with SSD or HDD, guess you had bad luck if you needed 4 HDDs.

Link to comment
Share on other sites

I suddenly have the urge to buy some cable ties! :p

I have a 1U SuperMicro case with a Intel Atom CPU on the mobo... Forgot the model now but also from SuperMicro. I have 4GB of DDR in there just cuz its older and I had the sticks laying around from my old laptop. I have mine running on a old 80GB HDD that I got from work but I didn't need more space than that. If it fails I'll just put in another and restore from backup.

I'm just running home stuff and basic firewall NAT so I didn't need it but I like that better than the available routers which were $300 anyways. I did that whole setup for $150 including tabletop rack. I bought a 24port smartswitch also even tho I didn't need it either but for the day when I have my house I want ports in every room, make that 2 ports per room. Living room will have a port next to every electrical outlet!

Link to comment
Share on other sites

smartctl 6.3 2014-07-26 r3976 [FreeBSD 10.1-RELEASE-p6 amd64] (local build)
Copyright (C) 2002-14, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF READ SMART DATA SECTION ===
SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x002f   100   100   050    Pre-fail  Always       -       0
  5 Reallocated_Sector_Ct   0x0033   100   100   010    Pre-fail  Always       -       0
  9 Power_On_Hours          0x0032   100   100   001    Old_age   Always       -       28477
 12 Power_Cycle_Count       0x0032   100   100   001    Old_age   Always       -       67
170 Grown_Failing_Block_Ct  0x0033   100   100   010    Pre-fail  Always       -       0
171 Program_Fail_Count      0x0032   100   100   001    Old_age   Always       -       0
172 Erase_Fail_Count        0x0032   100   100   001    Old_age   Always       -       0
173 Wear_Leveling_Count     0x0033   099   099   010    Pre-fail  Always       -       51
174 Unexpect_Power_Loss_Ct  0x0032   100   100   001    Old_age   Always       -       49
181 Non4k_Aligned_Access    0x0022   100   100   001    Old_age   Always       -       2830 2580 250
183 SATA_Iface_Downshift    0x0032   100   100   001    Old_age   Always       -       0
184 End-to-End_Error        0x0033   100   100   050    Pre-fail  Always       -       0
187 Reported_Uncorrect      0x0032   100   100   001    Old_age   Always       -       0
188 Command_Timeout         0x0032   100   100   001    Old_age   Always       -       0
189 Factory_Bad_Block_Ct    0x000e   100   100   001    Old_age   Always       -       56
194 Temperature_Celsius     0x0022   100   100   000    Old_age   Always       -       0
195 Hardware_ECC_Recovered  0x003a   100   100   001    Old_age   Always       -       0
196 Reallocated_Event_Count 0x0032   100   100   001    Old_age   Always       -       0
197 Current_Pending_Sector  0x0032   100   100   001    Old_age   Always       -       0
198 Offline_Uncorrectable   0x0030   100   100   001    Old_age   Offline      -       0
199 UDMA_CRC_Error_Count    0x0032   100   100   001    Old_age   Always       -       0
202 Perc_Rated_Life_Used    0x0018   099   099   001    Old_age   Offline      -       1
206 Write_Error_Rate        0x000e   100   100   001    Old_age   Always       -       0

Smart data of the SSD, 28477 hours 3.25years of pfSense abuse...

Link to comment
Share on other sites

I have it running in a VM on my HP Microserver N54L

 

Its just sitting on a mechanical drive and plays well :)

 

I would love to run it as a VM, but my primary ESXi host is a power hog and in my new apartment I can't run it without heating up the office / half the apartment. So my secondary exsi host is a Mac mini and it does everything well but has no expansion. So I can't add any more Nic's.

 

 

Got my pfSense setup running on an older Watchguard Intel box.

The install site on a small Compact Flash card. think it might only be a 512mb one.

attachicon.gif10522469_797812696916211_2931327671422017163_n.jpg

 

I've been seeing a lot of people running pfsense on watch guard's but I can't find one in decent shape or a good deal. What model is that? I need to google again, maybe Ill get lucky. Does that watch guard use CF cards or has a HD inside?

 

 

This topic reminds me, I need to update my signature.

I run pfSense on a Asrock C2750D4I with a dual intel NIC add-in PCI-Express card.

Ever since pfSense 2.1beta (2012/2013) , I run an SSD in AHCI mode with TRIM for boot up containing "/" and separate "/usr" and "/var" with softupdates enabled.

For Squid I run a HDD mounted separately in "/cache".

No issues with SSD or HDD, guess you had bad luck if you needed 4 HDDs.

 

I was thinking about doing this, but didn't know how well it worked or was recommended, i was definitely going to take the heavy access area's of the filesystem and put them on an HDD, but I saw all over the pfsense forums that a SSD wasn't necessary or recommended. Instead I've seen flash media like SD, CF, etc

 

 

I suddenly have the urge to buy some cable ties! :p

I have a 1U SuperMicro cases with a Intel Atom CPU on the mono... Forgot the model noe but also from SuperMicro. I have 4GB of DDR in there just cuz its older and I had the sticks laying around from my old laptop. I have mine running on a old 80GB HDD that I got from work but I didn't need more space than that. If it fails I'll just put in another and restore from backup.

I'm just running home stuff and basic firewall NAT so I didn't need it but I like that better than the available routers which were $300 anyways. I did that whole setup for $150 including tabletop rack. I bought a 24port smartswitch also even tho I didn't need it either but for the day when I have my house I want ports in every room, make that 2 ports per room. Living room will have a port next to every electrical outlet!

 

I built my current pfsense box for $150. Its a dual core ATOM with 4gbs of ram and a 80gb hard drive. I've lost 3 drives but they were all old and worn out drives. One of them I lost during moving, even though the pfsense box was backed in tons of bubble wrap, perfectly protected and I moved the box myself both times, but hard drives fail, oh well.

 

 

Overall, I'm just tired of replacing dead hard drives in this thing because right now I have it nice and neatly sitting on a shelf. I have to pull my rack out to shove my hands in there, unplug everything move the box out and then rip it apart to get the HDD out. Since it was Mini ITX build and I wanted a small case, the 3.5" hard drive is mounted "very nicely" and tight in there. A bitch to replace, but looks nice overall when the box is built. Its time for me to move to a rack mounted solution anyway. I like how clean my rack looks right now and it'll look better if my pfsense was rack mounted above my switch. Right now my switch is rack mounted and so is my PDU, but not pfsense. I would also like to get rid of the shelf too, the only thing its holding is pfsense and my mac mini, I have a rack mount case for my mac mini, but I'm not going to make the plunge until i can get pfsense rack mounted. After that, the shelf will go away.

Link to comment
Share on other sites

I've been seeing a lot of people running pfsense on watch guard's but I can't find one in decent shape or a good deal. What model is that? I need to google again, maybe Ill get lucky. Does that watch guard use CF cards or has a HD inside?

 

I believe its a Firebox Core X1250

Check this for supported WatchGuard products: https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Supported_Fireboxes

whats the little screen that tells you what pfsense is doing?

It's just part of the WatchGuard product. Its actually not configured at the moment as it required more time and effort on getting it working than I had when i was setting this up.

Link to comment
Share on other sites

I have it running in a VM on my HP Microserver N54L

 

Its just sitting on a mechanical drive and plays well :)

 

 

shoul dhave said i add a dual port Gig NiC

 

so i have the ports on vmkern, WAN, LAN

Link to comment
Share on other sites

I believe its a Firebox Core X1250

Check this for supported WatchGuard products: https://doc.pfsense.org/index.php/PfSense_on_Watchguard_Firebox#Supported_Fireboxes

It's just part of the WatchGuard product. Its actually not configured at the moment as it required more time and effort on getting it working than I had when i was setting this up.

 

Thank you for the link. Just found one on eBay for $130. Almost considering buying it right now. Gotta be patient and do my research.

 

Edit: scratch that, it was a 750e. Still looking

Link to comment
Share on other sites

I really wouldn't be too worried with SSDs.. on the topic, here's a good read: http://techreport.com/review/26523/the-ssd-endurance-experiment-casualties-on-the-way-to-a-petabyte

^---tl;dr - 700TB of written data is where they started to see some failures.

 

I plan on building a 1U PFSense box as well.. I would go with a SSD, especially since most 1U chassis don't have all that great of cooling to begin with, unless you want screaming loud fans.

Link to comment
Share on other sites

Been running mine on on N40L microserver for years.  Currently pfsense amd64 2.2.1 on esxi 6, using openvm tools vs native since 10.1 of freebsd added native support for vmx3net and native tools driver seems to have an issue with check summing being enabled on the nic?

 

My datastore is 250GB SSD disk from crucial - older M500 line..

 

Recent SSDs have TB and TB of life in them, I wouldn't worry about using them for pretty much anything. 

Link to comment
Share on other sites

It sure is not pfsense causing the hdd to go.. You got something else going on, Using old warn our drives on their last leg already.  No cooling, bad psu, pfsense does not write that much to disk..

 

So running in esxi makes it easy to check what kind of writes your doing to your disk.. So here is my SSD, that is my datastore.. I have 7 VM's running 24/7 currently  and the max write is 375 KBps over the last hour on that graph.

 

post-14624-0-26185900-1427662875.png

 

Les use the MAX 375KBps x 60 x 60 x 24 is GB in a day.  32.4GB in a day.. So life of SSD is what??  There was a recent thread,  info I came up with at 40GB a day on a 250GB HD your looking at 11 Years..  I think I can live with 11 years ;)  And I am not even writing that much, that is the max ..

 

post-14624-0-83287300-1427663351.png

 

Average is 185, so say 16B a day prob more than 20 years..  And depending on the tests.. Could even be longer - don't get me wrong the thing could fail on day 3 after you install it - but being worried how much your writing to it in something like a lab/home esxi box or pfsense all by it self is a not really a issue if you ask me..

 

 

Link to comment
Share on other sites

Ha watch guard - been awhile since I've seen one of those red boxes.

weren't there like Pentium 3 chips in them? I can't remember, all I know is they used a lot of power for all they did...

Link to comment
Share on other sites

depends on what model of watchguard your talking about, there are lots of models.  I believe the one quoted X1250 is most likely a 1.3GHz Celeron-M CPU (SL6N7), that is what is listed on the pfsense watchguard doc page.

Link to comment
Share on other sites

I run mine in a VM sharing an SSD with the host OS. I don't have any non-default logging options enabled and it's not causing me any issues so far.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.